After reading "nginx does not suck at ssl": http://matt.io/entry/ur I'm using: ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH; Is this a good choice? - Grant